I don't think the suggestion was to make TMP=~/tmp, but TMP=/tmp/$USER,
where /tmp/$USER is owned by the user in question and is inaccessible to
others.

It would be a lot better to use TMP=/tmp/users/$USER, as user names are
pretty likely to clash with files already in /tmp. You can't pre-create
all user dirs at boot as well -- there may be hundreds of thousands of
users, new users can be created on the fly, or perhaps an authentication
mechanism doesn't even support providing you with the list of users.

Having a non-world-writable directory that can be written to only by a pam
module which then chowns the individual dirs it creates would prevent such
clashes.
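
The creation step described in the message above, sketched as an added example (not code from this thread or from any existing PAM module). The function name `ensure_user_tmp` is hypothetical, and Python's `os` calls stand in for the `mkdirat`/`openat`/`fstat`/`fchown` calls a C module would make. In production the caller is root and `base` is `/tmp/users`.

```python
import os

def ensure_user_tmp(base, user, uid, gid):
    """Create base/user (mode 0700, owned by uid:gid) and return its path.

    base must be owned by the caller (root for a real PAM module) and must
    not be group- or world-writable, so only the caller can add entries.
    """
    if "/" in user or user in ("", ".", ".."):
        raise ValueError("unsafe user name: %r" % user)
    base_fd = os.open(base, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    try:
        st = os.fstat(base_fd)
        if st.st_uid != os.geteuid() or st.st_mode & 0o022:
            raise PermissionError("%s must be ours and not group/world-writable" % base)
        try:
            os.mkdir(user, 0o700, dir_fd=base_fd)
        except FileExistsError:
            pass  # left over from an earlier session; verified below
        # O_NOFOLLOW: a symlink under this name is refused, never followed.
        # O_DIRECTORY: a plain file under this name is refused as well.
        fd = os.open(user, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW,
                     dir_fd=base_fd)
        try:
            # Work on the descriptor, so the checked object is the changed one.
            st = os.fstat(fd)
            if st.st_uid not in (os.geteuid(), uid):
                raise PermissionError("%s/%s belongs to someone else" % (base, user))
            os.fchown(fd, uid, gid)
            os.fchmod(fd, 0o700)
        finally:
            os.close(fd)
    finally:
        os.close(base_fd)
    return os.path.join(base, user)

if __name__ == "__main__":
    import tempfile
    demo_base = tempfile.mkdtemp()  # constructed stand-in for /tmp/users
    print(ensure_user_tmp(demo_base, "alice", os.getuid(), os.getgid()))
```
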